be8d8c0dcc51a0ab7576737f107afa12 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be8d8c0dcc51a0ab7576737f107afa12
Size

129KB
MD5

be8d8c0dcc51a0ab7576737f107afa12
SHA1

2b6683f0d2c5d39be10ba168ed65226aebda0684
SHA256

42ede0ddf7afd81b1fcf9699ecb47f33b55b1bb5c6cddd1893bd917cc9674ff3
SHA512

dbb18a2c2316fc907a2037f643989e1bebc0b54291f711a0dc28931a13f3fe0bf7521464782ee954ab41ef0a129fe000f5202d48590b4dcd1852ca011b44c2ad
SSDEEP

3072:ZHO1lYGyC8bT7qtoPcynVgS8JvTNxFzf8QnxRB/ehezwa:VO1uj3aTynr8JxzfVRB/rka

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be8d8c0dcc51a0ab7576737f107afa12

Files

be8d8c0dcc51a0ab7576737f107afa12
.exe windows:5 windows x86 arch:x86

ac8dec79f6a5725102f9238061319be5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCommandLineA
Sleep
GetStartupInfoA
GetModuleHandleA
lstrlenA
FreeConsole
GetModuleFileNameA
CloseHandle
OutputDebugStringW
OutputDebugStringA

user32

IsWindow
SetWindowLongA
DefWindowProcA
SetTimer
DialogBoxParamA
PostQuitMessage
MessageBoxA
GetParent
TrackPopupMenu
CreateWindowExA
CallWindowProcA
ShowWindow
GetSubMenu
CreateMenu

gdi32

BitBlt
SelectPalette
DeleteObject
SetBkMode
CreateDIBitmap
GetFontData
SelectObject
PolyTextOutA
DeleteDC

shell32

SHGetFileInfoA
ShellExecuteA

ole32

CoCreateInstance
CoInitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 580B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ